?

Log in

Thoughts On Removing Spam - The Watchtower of Destruction: The Ferrett's Journal
June 4th, 2003
09:56 am

[Link]

Previous Entry Share Next Entry
Thoughts On Removing Spam

A single weekend garnered me 120 unwanted emailings about real estate leads, horny women, penis enlargement pills, and of course swiss watches. I tucked them all neatly into a folder, and am now going through them one by one, clicking the unsubscribe link in an attempt to remove myself from their lists.

Some of them say, "You can remove yourself from this list by sending an email with the word 'Remove' in it." I always do, and add, "...And I hope all of your children die in a grease fire, you spamming cocksucker."

Some of them include a large disclaimer saying that this isn't spam, it's targeted email, as they'd never send anyone unwanted email. I unsubcribe, and then hunt down a contact info at that place to tell them, "You are indeed a spammer, you little arrogant shits, as I never asked for this in the least. Either you're scummy enough to play games with words, or you're so dumb you don't deserve to live. Either way, I hope your children die in a grease fire, and you get to hear them cook, you spamming cocksucker."

Yes, I actually do this. It makes me happier.

But the ones who drive me nuts most of all are the ones who include a link to unsubscribe that leads to a 404 "Page not found" error - or worse yet, opens up a form that never processes correctly. Somehow they're worse than the ones that simply don't have a link; they strike me as more hypocritical. "See? We'll take you off if you ask... Neener neener neener!"

There are enough hackers and crackers out there to "0wN" sites, breaking into them and disrupting their service. I ask the hacking community as a whole: Is it not possible to come up with some white hat hacker who will create a DOS attack for any site trying to sell wares via a spam email, thus ensuring that anyone who does spam people will never make a goddamn dime off of the retards who are actually going there? Because while I'd cheerfully script kiddie myself and learn how to break a system, I just don't have the time these days.

Current Mood: cynicalcynical

(39 shouts of denial | Tell me I'm full of it)

Comments
 
[User Picture]
From:jasonlove
Date:June 4th, 2003 07:04 am (UTC)

Ouch.

(Link)
I'm afraid part of the reason you get so much spam comes from clicking those "unsubscribe" links. It may occasionally get you off one mailing list, but it almost certainly adds your address to five more. The only way to consistently beat spam that I've discovered is to have ironclad mail-filtering software or simply never, ever, ever give out your e-mail address in any form an automated script could recognize.
[User Picture]
From:theferrett
Date:June 4th, 2003 07:11 am (UTC)

Re: Ouch.

(Link)
Actually, that's a common misconception. I was skeptical about unsubscribing until my wife, who had no other options left, gave it a shot - and it decreased her total spam traffic by about a third. It decreases mine, too - at least until the next crop of email harvesters comes to town. Unsubscribing works.

And as the editor of a site, I can't NOT have my email address public. I hate that.
[User Picture]
From:theferrett
Date:June 4th, 2003 07:13 am (UTC)

Whoops

(Link)
That should be, "TO about a third of what it was," not "by a third." It was a dramatic decrease, which makes sense; the ones who offer unsubscription programs these days actually do take you off the list for fear of legal consequences. The law's not nearly as fond of spammers these days.
[User Picture]
From:jasonlove
Date:June 4th, 2003 07:29 am (UTC)

Re: Whoops

(Link)
Well, I guess that's a valid consideration. If it worked once, it just might work again. In any case, you got me thinking, so I tracked down the place I originally learned that "unsubscribing" is actually a trap:

http://www.cdt.org/speech/spam/030319spamreport.shtml

I think it may have an answer to the problem of having a public e-mail address, too. Give 'em a look.
[User Picture]
From:jasonlove
Date:June 4th, 2003 07:32 am (UTC)

Re: Whoops

(Link)
Of course, now that I'm actually looking at the site, I cannot find any reference to the notion that unsubscribing leads to getting yet more unsolicited e-mail. Perhaps it's just an urban legend after all.
[User Picture]
From:theferrett
Date:June 4th, 2003 08:29 am (UTC)

Re: Whoops

(Link)
No, it used to be the case in the early days. It just isn't now.
[User Picture]
From:dk_leathers
Date:June 4th, 2003 08:07 am (UTC)

Re: Whoops

(Link)
Agreed and seconded. I now automatically 'unsub' from such mailings when I can manage the extra 10 mins here and there (fascinating as it is to have a mailbox full of the 'get a bigger dick/viagra/satisfy your woman/make your first million here' type spam) and I notice a marked decrease. Thank fck.
[User Picture]
From:melaniedavidson
Date:December 8th, 2005 07:33 am (UTC)

Re: Ouch.

(Link)
And as the editor of a site, I can't NOT have my email address public. I hate that.

I think this thing might help in that respect. You enter in text, such as your email, and it changes it to the html codes(with an option to put in random formatting tags with nothing inside them) so that it'll display the same way onscreen, but not obviously be an email address if you're looking at the source.

(If it's weird to be getting this years after the post, I followed the link from the purity test. Not, you know, stalking your lj or anything.)
[User Picture]
From:theferrett
Date:December 8th, 2005 01:24 pm (UTC)

Re: Ouch.

(Link)
It happens a fair amount, so no worries.

Unfortunately, the email needs to be easily available for customers who are technically challenged, and thus I can't chance any obscura. Damn.
[User Picture]
From:melaniedavidson
Date:December 8th, 2005 07:58 pm (UTC)

Re: Ouch.

(Link)
Ah, too bad. I hate mailto links, myself, but if there are people who need them...
From:mattlazycat
Date:September 15th, 2006 02:49 pm (UTC)

Re: Ouch.

(Link)
Simplest obfuscation I've seen that actually works is to replace the @ with %40. So you have <a href="mailto:bob%40example.com">email me</a> -- I set up throw-away addresses for my website (web-contact1, web-contact2, etc) with the intention of blocking one (with an apologetic auto-reply) and switching to another, but a year on and I've still not gotten spam to the first address. Ditto &#64;, which is slightly more correct I suppose :)
[User Picture]
From:his_angel
Date:June 4th, 2003 07:21 am (UTC)

uce@ftc.gov

(Link)
For those who do not unsubscribe you, do not have "forms" that work, direct you to page 404 error, or just plain keep sending that cr@p no matter what the reason .... just hit FWD and send it to the Federal Trade Commission that is trying to fight spammers. uce@ftc.gov


More info can be found at
http://www.ftc.gov/bcp/conline/pubs/online/inbox.htm
and
http://www.ftc.gov/bcp/conline/edcams/spam/

**side note**
i have found with some of the spamware programs for email, that being a business email address that sometimes it will delete/block email i need to see!

i always get some sense of sassifaction when i end up forwarding it to the federal government. It takes a bit of extra time but in the end i'm hoping the benefits will be worth it.

His ~angel~

From:da_judge1
Date:June 4th, 2003 07:34 am (UTC)
(Link)
I have too much angst to really reply with a coherent insult like you do. So congrats!!! Most of my angry replies are unreadable, ebcause I just see red and fly off the handle at them...
[User Picture]
From:jarodrussell
Date:June 4th, 2003 08:27 am (UTC)
(Link)
I say this as both a computer hobbyist and as an IT professional... If the delete button is too hard to operate, turn off your computer.
[User Picture]
From:theferrett
Date:June 4th, 2003 08:28 am (UTC)
(Link)
I say this as both a computer hobbyist and an IT professional: If you're wasting both my fucking bandwidth and my time, you can die and go to hell, as can anyone who defends you.
[User Picture]
From:jarodrussell
Date:June 4th, 2003 08:35 am (UTC)
(Link)
You're an IT professional?
[User Picture]
From:dglenn
Date:June 4th, 2003 08:55 am (UTC)
(Link)
It's not that the delete button is too hard to operate, it's a) that it sometimes adds up to half an hour I could've been doing something more fun, just to delete the spam, and more importantly b) I sometimes overlook important real messages that get "lost in the noise". Oh, tack on c) some of the folks I'd find it very convenient to communicate with via email have stopped using email because spam was so frustrating to them.

Speaking as a fellow IT professional and as a fellow computer enthusiast, I say spam is a very real problem that is diminishing the usefulness of email, and your advice to delete it and quit bitching is ten years out of date.
[User Picture]
From:jarodrussell
Date:June 4th, 2003 09:28 am (UTC)

For the record...

(Link)
My advice on the client end is to delete it, unless you're willing to install some kind of filtering mechanism -- such as the ones that come with Outlook or that I'm pretty sure you can buy from Symantec. My advice on the server end it to have system administrators use Milter to filter things out. Admitedly, I don't know much about Milter, but I know Perl has a library to interface with it, so writing a script to scan and delete messages couldn't be impossible. There are also various filters and concepts in the pipe that I've read about on Paul Graham's website as well as Joel on Software.

I don't like spam, no one likes spam, I too have lost emails in spam, but I just get really cheesed off when someone makes a plea for a DOS attack for any reason. Of all the ways out there to deal with spam, committing acts of cyberterrorism is an ill thought up plan of doing it.
[User Picture]
From:dglenn
Date:June 4th, 2003 10:15 am (UTC)

Re: For the record...

(Link)
Ah, I misunderstood -- it sounded to me as though you were reacting to the entire notion of bitching about spam, not specifically to the call of a DoS attack on spammers.

(One nitpick though: I think that most -- maybe, probably all -- of the cyberattacks we've ever seen are more "cybervandalism" than "cyberterrorism". Not that vandalism isn't a Bad Thing, just that the word "cyberterrorism" seems designed to either spread FUD or to inflate the significance of events to justify disproportionate reactions to them. The potential for real cyber-terrorism exists (though it'd be harder to pull off than a lot of people think), and ifwhen it happens, it's going to make everything else we've called cyberterrorism look silly. We shouldn't need to invoke the "terrorist" meme to make our points -- in meatspace vandalism, armed robbery, breaking and entering, and traffic tickets all matter without having to be compared to terrorism to make preventing/punishing them seem valid; nor should we have to call vandalism terrorism in cyberspace.)
[User Picture]
From:jarodrussell
Date:June 4th, 2003 10:26 am (UTC)

Re: For the record...

(Link)
We shouldn't need to invoke the "terrorist" meme to make our points...

How would you describe it if any random email user could call forth a DOS attack at any random time on any random server because spam annoyed them? I didn't mean to call forth any meme out of proportion, but I tend to see things in terms of being slippery slopes.
[User Picture]
From:theferrett
Date:June 4th, 2003 10:31 am (UTC)

Re: For the record...

(Link)
How would you describe it if any random email user could call forth a DOS attack at any random time on any random server because spam annoyed them?

Do you really think that there would be www.fuckaspammer.com, where they could just type an address into a web form and start a DOS attack at will? Come on.

Obviously, whoever did this would have to be fairly dedicated and would be motivated by more than mere childishness. There's a slippery slope element, yes, but then you're dealing with idiot crackers who just like overwhelming people. I'm advocating a "white hat" group (or at least a gray hat) who make it their business to be in revenge.

Many people say that if spammers don't make money at it, they'll stop. I say cut 'em off at the source, and there are any number of beleagured sysadmins who can point to the worst offenders. Do it a couple of times, front-page it on Yahoo!, and people will begin to get the message.
[User Picture]
From:jarodrussell
Date:June 4th, 2003 10:47 am (UTC)

Re: For the record...

(Link)
Do you really think that there would be www.fuckaspammer.com, where they could just type an address into a web form and start a DOS attack at will? Come on.

Yes, in fact it's already out there... Somewhere. I say this because I had someone ask me on IRC the other day if I knew anything about that IRC virus/bot that's been floating around, Fizzler -- I didn't by the way. He said he'd infected his mother's computer and was trying to find the commands for it. I say this because ten years ago the idea of downloading a free operating system and installing it was a fairly out there idea, but it's been done, and being done, by and for grandparents. I say this because five years ago the idea of something like Napster was a fairly out there idea, and now I've had people who can't import mailing addresses tell me how much they enjoy listening to classical music they got off it.

Five years ago, spam wasn't this bad, and people thought email was the end all of communicating. Would you have thought five years ago that email would be this problematic and junky to use? Just because it doesn't seem likely that frellspammers.net will ever exist doesn't mean it won't someday.
[User Picture]
From:jarodrussell
Date:June 4th, 2003 10:50 am (UTC)

Re: For the record...

(Link)
Sorry to make this two replies. I'm always nervous about LJ's text limit on replies.

Do it a couple of times, front-page it on Yahoo!, and people will begin to get the message.

Kind of like how all those IM's the RIAA sent out over Kazaa has curbed downloading. Like how all their shouting, articles, and lawsuits have slowed down P2P services? Kind of like... Well, you get my point.
[User Picture]
From:theferrett
Date:June 4th, 2003 10:24 am (UTC)

Re: For the record...

(Link)
Of all the ways out there to deal with spam, committing acts of cyberterrorism is an ill thought up plan of doing it.

Maybe, but none of the others have worked particularly well. The spammers routinely hijack websites, hack insecure mail serves, and perpetuate identity theft in order to cripple the global bandwidth with utter shit emails that 98% of the public DOES NOT WANT. Despite full-time people devoted to keeping spam out, nobody's been able to do it - and to say, "Well, all you have to do is delete or install some program I don't really know about!" is really showing naivete about how bad and deeply-rooted the problem is.

Will you tell the Europeans, who mostly pay by-the-minute-charges to download over phone lines, to just delete it but pay a dime for every HTML-laden graphics-extravanganza pornospam they have no choice but to get with their regular mail? Will you tell administrators who are trying to deal with floods of email they pay money for to just put in some magical spam filter?

I've done the reading. Some of them work better than others, but none of them really work.

DOS attacks or other hacks may not be the best solution, but as far as I'm concerned, the fuckers are breaking rules on a daily basis. I don't normally condone any sort of damaging cracking, but occasionally I'll say that you have to fight fire with fire.
[User Picture]
From:jarodrussell
Date:June 4th, 2003 10:37 am (UTC)

Re: For the record...

(Link)
I've done the reading. Some of them work better than others, but none of them really work.

Nothing is ever going to really work getting rid of email spammers. However, do you really think a DOS attack will waste any less bandwidth? Do you think it will do any good. You may knock out some spammers, but only until the sysadmins for their servers patch security holes. You think those who pay by the minute will be any happier when they have to wait three minutes to download a webpage because it's in the same coloc (is there a hyphen in that) facility as the spammers server? I'm sorry, but the numbers just don't add up. Trading wasted spam bandwidth for wasted packet-flooded bandwidth just makes no sense, to me anyway.

I've done a bit of reading about spam too, and what I've read says that a lot of spammers use servers in various countries for their spamming. This means that any DOS attack to stop spam in going to have to be done on the international level. I'm not sure about the legalities of it all, but roving bands of "white hat" DOS attackers are not going to be viewed kindly by governments who have legalized spam.
[User Picture]
From:theferrett
Date:June 4th, 2003 10:41 am (UTC)

Re: For the record...

(Link)
Trading wasted spam bandwidth for wasted packet-flooded bandwidth just makes no sense, to me anyway.

True enough, and an extremely valid point. However, as we both know, DOS isn't the only way to knock out a webserver, and was just what I wrote off the top of my head. There are many other evil ways - and when it came to spam sites, I'd condone almost all of them.

Other governments who allow spammers to operate deserve whatever happens to them. Hey, if we can't stop the spammers, they can't stop our white hats. Gosh, it's a shame you legalized spam... Too bad we don't feel like enforcing our local laws, either.

And if a server is hosting a spammer, then perhaps the serverhosts in question should learn that it's a Very Bad Idea to do so. Essentially, any method that cranks up the cost of spamming, I'm ALL for.
[User Picture]
From:jarodrussell
Date:June 4th, 2003 10:58 am (UTC)

Re: For the record...

(Link)
Gosh, it's a shame you legalized spam...

Didn't some Afghan organization say the same thing about giving women the right to vote? I'm pretty sure something along those lines came up. And this is why I use the terrorism meme, because when one group -- even a white hooded, er, hatted group -- says things like this, it never sticks to its mandate. How did Spider Jerusalem say it, "The weakest link in any revolution is people." (He may have said "cause," I don't remember. It's in the second issue of "Transmetropolitan" if anyone wants to check.) If you give a "white hat" group the power to attack servers when they deem it fit, then they will attack whenever they deem something fit... Justified or not.
From:leozz
Date:June 4th, 2003 08:40 am (UTC)
(Link)
I certainly unsubscribe from spam that at least tries to look semi-legitimate, but I think if the email asks you to reply to an address that looks suspicious, it probably won't work.

Also, what if it's a way for some evil spammer to harass people who harass him (or her) - just include their email address as the "reply to remove" address in the message.

As far as why you get so many 404 not found errors - I'd guess it's because people have complained and gotten the web site removed. If the site was still up, the unsubscribe probably wouldn't have worked anyway.

BTW, I really hope some of your nasty messages actually go through to the actual spammers.
[User Picture]
From:dglenn
Date:June 4th, 2003 09:12 am (UTC)
(Link)
Paul Graham argues that really effective spam filters (by which he basically means Bayesian filters) will, if they become widespread enough, not only reduce the amount of spam each user sees, but eventually make spam no longer cost-effective to send. I'm not certain we can get a high enough percentage of folks using Bayesian filters to have that effect, but a) it's a lovely thought, and b) even if they're still sucking my bandwidth, I like the thought of a filter more effective than what I'm currently using so that I don't have spam getting all the way to my mailbox.

So I plan on installing CRM114 Real Soon Now.

Filtering doesn't allow you the release of screaming back at the spammers, of course, but you could always go through the "filed as spam" folder for rage-targets when the urge strikes.
[User Picture]
From:wynterknight
Date:June 4th, 2003 09:37 am (UTC)
(Link)
That's a beautiful response, man. I've only sent angry messages with a couple of my unsubscribe e-mails, but more out of anger than anything else--I always just sort of assumed that no real person would be reading it, just a computer program or something.
From:(Anonymous)
Date:June 4th, 2003 10:04 am (UTC)

Removing SPAM

(Link)
As a general rule , when ppl recive spam its from a bulk word search they use and when someone clicks on the remove page , it confirms that a address exists and adds it to the 'this email works - so keep spaming list'

Best way to remove spam is to use the message source and track the persons orginating ip address and send a 'abuse@thereisp.com'

If you get spam , theres a good anti spam page with tools there to trace the orginal person at:
http://combat.uxn.com/

Good luck
Charliebrown_au
[User Picture]
From:tallizen
Date:June 4th, 2003 11:04 am (UTC)

fuck the spamer with an aids infected bull

(Link)
i hate spam and i hate pop ups and yes i am on aol. they (aol) are even working to rid us of spam hopefully it will be as sucessful as the telemarkter no call list that starts next month on hte first. Newest version of aol 8.0 has a block and rport function for spam even tho i use it i still some times get the same damm ad's but then from diffrent email addresses... So what good is it to even use. Aol has installed a pop up blocker but recentily i now started getting pop ups on my Ie some how it bypasses my aol brouser and now opens my ie brouser what the hell how did this happen now ... if it is not one thing it is another
i pay 23 a month to keep this email address and dont really want to change it cus i have had it for a long time and i am being lazy i guess ..... I just dont know what else to do any ideas
From:(Anonymous)
Date:June 5th, 2003 12:11 am (UTC)

Re: fuck the spamer with an aids infected bull

(Link)
Does AOL have a email only account thats cheaper ?

Or better still make all your subscribed email goto a free pop3 , eg yahoo mail



:-))
Charlie Brown
[User Picture]
From:kibbles
Date:June 4th, 2003 03:12 pm (UTC)
(Link)
My dad, since retiring in August, has been on an anti spam crusade. He answers and analyzes headers of nearly every piece of (no EVERY piece) spam that enters his inbox.
[User Picture]
From:cakoluchiam
Date:April 6th, 2005 04:13 am (UTC)
(Link)
One method I have heard to be effective for SysAdmins in at least tracking spam is to have an omniforward @yourdomain, and then give out your eMail address differently to each company or person you interact with.

For example, if you're signing your eMail on a purchase with Amazon for a book about gorillas, give them the email AmazonGorillas@theferrett.com. Then if you get Spam addressed to AmazonGorillas@theferrett.com , you know where the spammers likely got your email address, and you can attack the source.
[User Picture]
From:theferrett
Date:April 6th, 2005 06:30 am (UTC)
(Link)
That's actually a pretty good idea. I may steal that.
[User Picture]
From:stinkyonions
Date:June 6th, 2005 11:00 am (UTC)
(Link)
i use that method as well as email+alias@domain.com.

most modern email system will let you affix +word to your email address and it still gets to your box. ok, spammers can easily strip this out of email addresses but i haven't seen it happen yet. likewise, using a + makes it easier to sort mail too. +amazon goes to weborders etc..
[User Picture]
From:leoprincess
Date:November 11th, 2006 04:31 am (UTC)
(Link)
My favourites are the ones that come with the header "Peta! Enlarge your penis today!". I'm female, for pete's sake.

I was perfectly fine until I gave my e-mail address to my sensei and then a deluge of spam came flooding in on an hourly basis. Some of them in some form of 'writing' that I do not understand. Still, spammers deserve lots of fonging pain.
From:(Anonymous)
Date:March 15th, 2007 02:03 am (UTC)

attacking servers

(Link)
I was responsible for a number of sites including several charities.
The host was attacked because one of their customers started spamming. At the time they could only legally terminate the customer at the time of contract renewal, yet a certain anti-spam organisation listed them as spam-friendly.
This meant that all their customers had problems sending emails.
When I complained about that organisation, they tried attacking my sites on other servers too and the other host took my sites down until I finally threatened the other host with legal action.
Attacking hosts rather than just the spammers treats innocent customers as acceptable battle losses (I forget the military term for accidental civilian casualties) Just as in a real war, it's immoral and unacceptable.
Both the anti-spammers who do that and definitely the spammers themselves need shooting, unless someone can think of a nastier fate for them.
And delete ain't good enough - I waste an hour a day on deleteing spam that makes it through filters.
The Ferrett's Domain Powered by LiveJournal.com